Package: advi Version: 1.6.0-12 Severity: serious Tags: security Hi,
CVE-2009-2660 and CVE-2009-3296 [0],[1] have recently been published for camlimages. advi statically links to camlimages, so any issues in that package are also applicable to advi. DSAs were already issued for camlimages in etch an lenny, so advi just needs to be relinked using those new versions. Please coordinate these updates with the security team. It would also be useful to combine your fix with that for CVE-2009-2295. If you fix these vulnerabilities please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660 http://security-tracker.debian.net/tracker/CVE-2009-2660 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296 http://security-tracker.debian.net/tracker/CVE-2009-3296 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
